Posts

Facebook Bullying : What to do?

In the light of recent cyber bullying incidents, I thought of writing an article that might help some of you on how to respond and what to do when you face such incidents. First of all, let's understand what cyber bullying is. It is the act of harassing someone using an electronic medium, especially the Internet. Many of us may have already experienced this in one way or another. Some argue that it is freedom of expression, but most of the time it crosses all the boundaries of tolerance and patience. Bullying can happen due to ideological differences, opinions, political or even religious reasons. Now, I will get into the details of these reasons. Most bullying may seem like an individual opinion or comment. But there are many groups and organizations who get paid for bullying someone. Yes, it may seem odd, but it is a reality. Political parties, religious groups or organizations, ideological movements, fan groups etc. have their own IT groups who are assigned ...

How to Install Netmiko on Windows?

Netmiko, developed by Kirk Byers, is an open source Python library based on Paramiko which simplifies SSH management of network devices and is primarily used for network automation tasks. Installing Netmiko on Linux is a matter of one single command, but if you need to use Netmiko on your Windows PC, follow this process.
1) Install the latest version of Python.
2) Install Anaconda, which is an open source distribution platform that you can install on Windows and other OSes (https://www.anaconda.com/download/).
3) From the Anaconda Shell, run “conda install paramiko”.
4) From the Anaconda Shell, run “pip install scp”.
5) Now install Git for Windows (https://www.git-scm.com/downloads). Git is required for downloading and cloning all the Netmiko library files from GitHub.
6) From the Git Bash window, clone Netmiko using the following command: git clone https://github.com/ktbyers/netmiko
7) Onc...

Cisco FTD error : This device does not support local management.

Issue: Cisco FTDv does not allow the administrator to add a local manager and throws the following error: "This device does not support local management."
Solution/Explanation: Because virtual devices do not have web interfaces, you must use the CLI to register a virtual device to a Cisco Firepower Management Center, which can be physical or virtual.
From your FTDv CLI, add the FMC IP and the registration key (don't forget this key).
On the FMC, add a new device. Enter the FTD IP in the host field and the same registration key.
Click on Register to add the device and start managing the device from the FMC.

BEING A FIREWALL ENGINEER : AN OPERATIONAL APPROACH

A comprehensive guide on firewall management operations and best practices. Available on Amazon. Kindle Edition : https://www.amazon.com/dp/B07HDJDG6R Paperback : https://www.amazon.com/dp/172374297X Understand different firewall products and their packet flows. Hardening and best practices of firewall management with real-world examples. Get familiar with change management and understand how to incorporate the change management process into firewall management operations. This book gives you a broad overview of firewalls, packet flows, hardening, management & operations and the best practices followed in the industry. Though this book is mainly intended for firewall administrators who are in operations, it gives a quick introduction to and comparison of the major firewall vendors and their products. In this book I have covered the following topics. •Various Job roles related to Firewalls. •What ...

Google is shutting down "Inbox by Gmail".

"Move from Inbox to Gmail. As Gmail continues to improve, we’re working to bring the best features over from Inbox. In the new Gmail, you’ll find workflows that are similar to your favorite ones in Inbox. Support for Inbox will conclude in 2019." Read the official statement guide: https://support.google.com/inbox/answer/9117840

Non-Sense or Over-Confidence? TRAI chairman's personal data leaked after he threw the Challenge

So finally some proof of personal data leakage has been shown to the Indian bureaucrats. As per the Government of India, "There is nothing called absolute right to privacy" and privacy “should be subject to reasonable restrictions.” Read my previous post on Why India needs a Stringent Data Privacy Law? Here. Citizens' personal data has been shared with various organizations in sectors like telecom, services, retail, e-commerce etc. In my opinion, before implementing data sharing, the government must implement data privacy laws and standards like the European GDPR in India. Once that is implemented and properly audited for compliance, the government can consider data sharing. Currently there are no stringent laws and policies on data leaks. There is a penalty for a few clauses, but considering the value of the data, the penalty is negligibly small. The Reply came within hours, Sweet Sour !!! The TRAI chairman challenged A ...

Part 2-InfoSec Scribbling : ISO/IEC 27001:2013

:: InfoSec Study Notes : Scribbling on ISO/IEC 27001:2013 Standard Part-2 ::
For Part-1 of this series, go here.
Context of the Organization
The organization needs to identify the internal and external issues that can affect the expected outcome. Hence context becomes an important consideration and helps to ensure that the ISMS is designed and adapted for your organization.
-External issues: external to the organization
    External issues may include:
    government regulations and changes in the law, political conditions
    economic shifts in your market
    partners, vendors and competitors
    events that may affect your corporate image
    trends and changes in technology
-Internal issues: within the organization and under direct control of the organization.
    Internal issues can include:
    regulatory requirements for the organization...

Part 1-InfoSec Scribbling : ISO/IEC 27001:2013

:: InfoSec Study Notes : Scribbling on ISO/IEC 27001:2013 Standard Part-1 ::
ISO/IEC 27001:2013 is an information security management standard. Organizations use it to manage and control information security risks, to protect and preserve the confidentiality, integrity, and availability of information, and to establish their information security management system (ISMS).
-Is a systematic framework to manage information security related risks and protect important information.
-Also consists of requirements for an ISMS. Annex A: a list of control objectives and controls for information security.
-Annex A provides an essential tool for managing security: a list of security controls (or safeguards) that are to be used to improve the security of information.
-In brief, Annex A lists the following control objectives. This is a very large list which has more sub-topics/controls.
    -Security Policy Management
    -Corporate Security Management...

Cisco Modular Policy Framework (MPF) : A brief Introduction

Modular Policy Framework (MPF) configuration defines a set of rules for applying firewall features, such as traffic inspection, QoS etc., to the traffic transiting the firewall. There are 3 main components in creating an MPF.
1) Class Map: A class map is used to identify the type of traffic. This can be done by creating an ACL.
2) Policy Map: A policy map specifies what action the ASA should take against the traffic identified by the class map.
3) Service Policy: Finally, the service policy specifies where to apply it. The policy is applied to an interface or globally.
Sample Illustration
Consider the following command lines.
access-list OUTSIDE-TO-INSIDE permit tcp any any eq ftp
<--- The above ACL will allow FTP traffic. This ACL can be different than the Interface ACL --->
class-map FTP-CLASS-MAP   ...

Crossover or Straight-through Cable? Its Auto-MDIX

On older devices, we have to choose the type of cable for connectivity: a crossover cable if the devices are of the same kind, and a straight-through cable if they are different. To overcome this inconvenience, a feature called Auto-MDIX was introduced on network devices. This feature automatically detects the required cable connection type for a connection, that is, whether to use straight-through or crossover. If either one of the connected devices supports Auto-MDIX, then no matter the device, you can use a crossover or a straight-through cable. It also needs the speed and duplex auto-negotiation feature to be enabled on the device. In other words, with this feature enabled, the interface automatically corrects for any incorrect cabling. Automatic medium-dependent interface crossover (Auto-MDIX) is enabled by default (from IOS 12.2(20)SE onwards). Sample manual configuration is shown below.

Top 5 Accounts : Review and Adjust your Privacy Settings

So, May 2018 was a remarkable month in the world of data security. The European GDPR is now in effect and almost all tech giants are adjusting themselves in order to comply with the data privacy standards. I have consolidated the privacy policies of the top 5 companies and the links for adjusting/controlling your data privacy. Review your privacy settings and control your own privacy.
Google
    Privacy Policy : https://privacy.google.com/take-control.html
    Adjust Privacy Settings : https://myaccount.google.com/intro/privacy
Facebook
    Privacy Policy : https://www.facebook.com/privacy/explanation
    Adjust Privacy Settings : https://www.facebook.com/settings?tab=privacy
Instagram
    Privacy Policy : https://help.instagram.com/519522125107875
    Adjust Privacy Settings : https://help.instagram.com/196883487377501
Yahoo
    Privacy Policy : https://policies.oath.com/ie/en/oath/privacy/index.html
    Adjust Privacy Settings : https://policies.oath.com/us/en/oath/privacy/controls/index.html
...

CEHv10 Exam Blueprint : Effective 1st October 2018

An exam blueprint is a breakdown of the sections of the exam syllabus that makes it easier for the test taker to prepare for the exam. It helps the test taker understand how many questions in various areas of practice should go on an exam. Effective 1st October 2018, EC-Council will be introducing a new version of the CEH exam blueprint and it is mentioned below. The current CEH blueprint is valid till September 30th 2018. You can find the current blueprint here : https://cert.eccouncil.org/images/doc/CEH-Exam-Blueprint-v2.0.pdf

DoS Attacks : Smurf,Fraggle,Land

Smurf attack
Smurf is a DoS attack method. In this flood attack, the victim is flooded with ICMP echo packets instead of TCP SYN packets. It is a spoofed broadcast ping request that uses the victim's IP address as the source IP. Most modern devices can deter this kind of attack, and Smurf is rarely a threat today.
#hping3 -1 --flood --spoof <target> <broadcast_address>
Fraggle attack
Similar to the Smurf attack, but instead of using ICMP, Fraggle uses UDP packets over UDP ports 7 and 19. It also broadcasts a UDP packet using the spoofed IP address of the victim. All the devices on the network will then respond to the victim, as in the Smurf attack.
Land attack
In this attack, the attacker sends spoofed SYN packets to the victim using the victim's IP address as both the source and destination IP. This results in the system constantly replying to itself, which can crash the system.
#hping3 -c <packet_count> -s <src_port> -d <dst_port> --floo...

Nmap : Basic overview on Scanning Techniques

Nmap is one of the top scanning tools used in cyber security and networking. There are plenty of scanning techniques that can be used in Nmap. This post is intended to provide a basic overview of Nmap scanning techniques.
1) Ping Scan [-sP]
This type of scan is used to detect which computers or devices are online, rather than which ports are open. In this scan, Nmap sends an ICMP ECHO REQUEST packet to the destination system. If an ICMP ECHO REPLY is received, the system is considered up, and ICMP packets are not blocked. If there is no response to the ICMP ping request, Nmap will try a "TCP Ping" to determine whether ICMP is blocked or the host is really not online. A TCP Ping sends either a SYN or an ACK packet to any port (80 is the default) on the remote system. If an RST or a SYN/ACK is returned, then the remote system is online. If the remote system does not respond, either it is offline or the chosen port is filtered, and hence it won't be responding to anything....